Product Brochure · Security Awareness Training
BullPhish ID
Phishing Simulation & Security Awareness Training
Transform your employees from your greatest vulnerability into your strongest line of defense — with automated phishing simulations, engaging training courses, and measurable risk reduction.
90%
of breaches start with phishing
70%
risk reduction from consistent training
80+
phishing simulation kits available
Automated Phishing Tests
Video Training Library
Auto-Enrollment on Failure
Compliance-Ready Reporting
The Threat Landscape
The Human Factor Is Your Biggest Risk
90%
of all cyberattacks begin with a phishing email sent to an employee
$4.9M
average total cost of a data breach in 2024 (IBM Security)
85%
reduction in phishing click rates achievable after 12 months of consistent training
$3.99
per user/month — protecting your team costs less than a cup of coffee
Why Firewalls Aren't Enough
Every Attacker's Easiest Path Is Through Your People
Your organization has firewalls, antivirus software, and email filters. So do most businesses that experience major breaches. The reason? Every technical defense has one fundamental gap: the human in the chair.
Cybercriminals don't need to break through your defenses. They just need one employee to click one realistic-looking link — granting them access to everything on the other side. Phishing attacks have become so convincing that even experienced IT professionals fall for them.
A Typical Attack in 4 Steps
1
Employee receives a convincing phishing email — appearing to come from Microsoft, HR, or a known vendor
2
Employee clicks the link and enters their credentials on a realistic-looking fake login page
3
Attacker logs in using stolen credentials — gaining access to email, files, and internal systems
4
Breach escalates — ransomware, data theft, BEC fraud, or lateral movement across your network
The Solution Is Simple
Train employees to recognize phishing — through realistic practice. BullPhish ID delivers that training automatically, at scale, with measurable results.
How BullPhish ID Works
A Complete, Automated Security Awareness Program
Set it once. The platform handles the rest — simulations, training, reporting, and re-enrollment.
01
Phishing Simulation Launched
We schedule and send realistic phishing test emails from 80+ pre-built kits — modeled on Microsoft, HR alerts, file-sharing, and more. New kits added monthly.
02
Results Are Tracked
The platform records who clicked, who submitted credentials, and who reported the email — building a picture of your organization's risk profile.
03
Auto-Enrollment for High-Risk Users
Employees who clicked are automatically assigned targeted training — no manual action required. The right course goes to the right person instantly.
04
Progress Reported
Automated monthly reports track click rates, training completion, and improvement over time — ready for leadership, compliance audits, and cyber insurance documentation.

The Two Core Modules

Module 1
Phishing Simulation
Send realistic phishing tests to your entire team — automatically, on a schedule you set. Identify who's at risk before attackers do.
  • 80+ ready-to-use phishing kits (4 new/month)
  • Customizable templates and sending domains
  • Randomized send times to prevent tipping off
  • Schedule up to 12 months in advance
  • Tracks opens, clicks, and credential submissions
Module 2
Security Awareness Training
Assign engaging video-based training courses to your team — with quizzes, completion tracking, and automatic delivery of refresher training to those who need it most.
  • 55+ animated training courses available
  • Available in 8 languages
  • Quiz-based comprehension checks
  • White-labeled portal with your organization's branding
  • Automated reminder emails before deadlines

Auto-Enrollment: The Program's Most Powerful Feature

When an employee fails a phishing simulation — by clicking the link or submitting credentials — BullPhish ID automatically enrolls them in a targeted remedial training course. No manual review required. No IT admin intervention. The highest-risk employees get targeted practice immediately, without delay.

Set It Once. Run for a Year.
Phishing campaigns can be scheduled up to 12 months in advance. Once configured, the platform runs automatically — sending tests, tracking results, triggering training, and generating reports without requiring ongoing management from your IT team. Degarmo Technologies handles configuration and oversight as part of your managed security service.
Key Features
Everything You Need to Run a World-Class Awareness Program
Degarmo Technologies manages all of this on your behalf — fully configured, continuously optimized.
🎯
80+ Phishing Kits
Templates modeled on real current threats: Microsoft, DocuSign, HR alerts, vendor portals, and more. 4 new kits added every month to keep pace with evolving tactics.
⚙️
Custom Domains
Send phishing tests from addresses that match your own company domain — the most realistic test possible. Increases training value by reflecting real attacker techniques.
🔄
Auto-Enrollment
Employees who fail automatically receive targeted training — no admin action needed. High-risk individuals get the help they need immediately, without anyone having to track it manually.
🌐
8 Training Languages
Security awareness training available in English, Spanish, French, German, Italian, Portuguese, Dutch, and Japanese — supporting diverse, multilingual workforces.
📊
Automated Reporting
Monthly and quarterly reports delivered automatically to designated recipients. Campaign metrics, training completion rates, and risk trends — ready for leadership reviews and compliance audits.
🏷️
White-Label Portal
The employee training portal is co-branded with your organization's logo and name — creating a familiar, trusted experience that drives higher course completion rates.
🔗
Drop-A-Phish Delivery
Optional integration places phishing test emails directly into employee inboxes — bypassing spam filters completely. No whitelisting required. 100% guaranteed delivery.
📋
Active Directory Sync
Employee lists stay automatically current via Active Directory sync — no manual CSV imports or risk of sending tests to departed employees.
Compliance Evidence
Training completion records flow automatically into compliance management systems. HIPAA, PCI-DSS, NIST, and cyber insurance documentation — generated automatically.
789K+
users clicked phishing simulations
in 2024 campaigns — showing how widespread the risk is
75–86%
reduction in phishing click rates
achievable after 12 months of training
$3.99
per user per month
starting price — one of the most
affordable platforms in the market
Compliance & Cyber Insurance Value
Meet Requirements. Reduce Premiums. Document Everything.
BullPhish ID generates the evidence your compliance program and cyber insurer demand — automatically.

Cyber insurers and compliance frameworks increasingly require documented proof of security awareness training. BullPhish ID was built to satisfy these requirements — automatically generating the reports you need without adding administrative burden to your team.

Compliance Framework Alignment

Framework
Requirement
BullPhish ID Coverage
NIST Cybersecurity Framework
Awareness & Training (PR.AT)
Training records + phishing metrics
HIPAA Security Rule
Security Awareness Training
Completion records per employee
PCI DSS (v4.0)
Req. 12.6 — Security Awareness
Documented awareness program
SOC 2 Type II
CC1.4 — Training & Awareness
Automated audit trail
Cyber Insurance Applications
Active phishing simulation program
Campaign reports ready to export

Cyber Insurance: What Insurers Are Now Asking

Cyber insurance underwriters are increasingly asking detailed questions about security awareness programs before issuing or renewing policies. Many are now requiring proof of:

What Insurers Are Asking
  • Do you conduct phishing simulation tests?
  • How often are tests conducted?
  • Is training provided to employees who fail?
  • Are training completion rates tracked?
  • Is training updated regularly with current threats?
  • Do you have reports to show your program is active?
How BullPhish ID Answers "Yes"
  • Automated quarterly phishing campaigns
  • Monthly cadence recommended by Degarmo
  • Auto-enrollment triggers immediate training
  • Per-employee completion records logged
  • 4 new phishing kits added every month
  • Exportable campaign and training reports
The Business Case: ROI in Plain Numbers
At $3.99/user/month for a 25-person team, BullPhish ID costs approximately $1,197/year. The average cost of a single successful phishing attack — including downtime, remediation, and reputational damage — exceeds $500,000. The math is straightforward: training is not an expense. It's insurance.
Delivered by Degarmo Technologies
BullPhish ID, Fully Managed — So You Don't Have To
We configure, run, and report on your entire security awareness program. You get the results without the workload.

BullPhish ID is powerful on its own — but most organizations don't have the in-house security expertise to configure it optimally, keep phishing kits fresh, analyze results, and adjust the program over time. That's where Degarmo Technologies comes in. As your managed security partner, we handle every aspect of the program on your behalf.

What Degarmo Does For You

🔧 Program Configuration
We set up your phishing campaign schedule, configure auto-enrollment rules, customize the training portal with your branding, and import your employee directory — getting the program live quickly and correctly.
📅 Ongoing Campaign Management
We select phishing kits appropriate for your industry and threat landscape, rotate templates quarterly to prevent desensitization, and schedule campaigns up to 12 months ahead.
📈 Reporting & Review
Monthly reporting delivered to your leadership team shows program performance over time — click rates, training completion, and trend analysis. We present findings and recommend program adjustments.
🎓 Training Curation
We select training courses aligned to your team's current risk profile and industry compliance requirements. As new courses are released (monthly), we keep your program current without any action from your team.

Why Choose Degarmo to Manage Your Program

🎖️
Veteran-Owned
Disciplined, mission-focused approach to your organization's security. Same-day support commitment.
🏢
Enterprise Expertise
Team includes CISOs, ISSMs, and Security Engineers with real-world security operations experience.
🤝
True Partnership
We act as your security partner, not just a vendor. Transparent, proactive, and always accessible.
Ready to Build Your Human Firewall?
Degarmo Technologies will configure and launch your BullPhish ID security awareness program — with phishing simulations running within days of onboarding. No technical effort required from your team.
Free Security Consultation
No Long-Term Contract Required
Program Live in Days
Visit degarmo.tech to get started · Oklahoma City, OK · Serving organizations nationwide